DDOS – Gigaomhttp://gigaom.com
The industry leader in emerging technology researchWed, 21 Feb 2018 21:16:20 +0000en-UShourly1Denial-of-service attack takes out Dutch government websiteshttp://gigaom.com/2015/02/11/denial-of-service-attack-takes-out-dutch-government-websites/
Wed, 11 Feb 2015 11:13:50 +0000http://gigaom.com/?p=914089Many websites of the Dutch government were hammered by a distributed denial-of-service (DDoS) attack, the government said on Wednesday. In a statement, the government said the attack targeted the hosting service Prolocation, also knocking out other websites such as that of the satirical publication GeenStijl. It began 10am local time on Tuesday and apparently lasted into the evening. The Dutch National Center for Cyber Security is now coordinating with the government to investigate the attack. Ironically, as GeenStijl pointed out in its own statement, the DDoS took place on Safer Internet Day.
]]>UK teen arrested over Xbox and Playstation attacks, swattinghttp://gigaom.com/2015/01/16/uk-teen-arrested-over-xbox-and-playstation-attacks-swatting/
Fri, 16 Jan 2015 13:29:46 +0000http://gigaom.com/?p=907127Police in the U.K. have arrested another man in connection with the disruption of Microsoft’s Xbox Live and Sony’s PlayStation Network over the Christmas period.

The 18-year-old was arrested near Liverpool on suspicion of hacking and also of “swatting” – the practice of calling armed police tactical units to a target’s house to address a made-up threat. It sounds as though the swatting target was in the U.S., as a spokesman for the South East Regional Organised Crime Unit (Serocu) described “law enforcement forces in the United States receiving hoax calls via Skype for a major incident in which SWAT teams were dispatched.”

The arrested teenager is suspected of unauthorized access to computer material, unauthorized access “with intent to commit further offenses,” and threats to kill. Serocu seized “a number of electronic and digital devices” for examination. The unit worked with the FBI and the North West Regional Organised Crime Unit (Titan Rocu) on the operation.

The “Lizard Squad” attacks on the gaming networks deliberately caused major disruption just as people were receiving consoles and games for Christmas, and were only called off when Mega entrepreneur Kim Dotcom offered the miscreants file hosting vouchers. According to security expert Brian Krebs, the attackers used a botnet based on compromised home routers to knock out Xbox Live and the PlayStation Network.

This is the second arrest in connection with the attacks — a 22-year-old man called Vinnie Omari was arrested in London at the end of December. A Finnish 17-year-old by the name of Julius Kivimäki has also reportedly been interrogated over the attacks.

]]>German government website attack may be Ukraine-relatedhttp://gigaom.com/2015/01/07/german-government-website-attack-may-be-ukraine-related/
Wed, 07 Jan 2015 14:29:46 +0000http://gigaom.com/?p=904827Two German government websites were knocked offline by a distributed denial of service (DDoS) attack around 10am local time on Wednesday. Chancellor Angela Merkel’s site is still down five and a half hours later, but that of the Bundestag came back minutes ago. The pro-Russian CyberBerkut hacker group has claimed responsibility, claiming the attack was carried out as an appeal to Germany to “stop financial and political support of criminal regime in Kiev, which unleashed a bloody civil war” in Ukraine. Although the attribution of today’s attack remains unconfirmed, the group has been highly active since the ouster of Ukrainian president Viktor Yanukovych in February 2014.
]]>Sony PSN still struggling in wake of Christmas DDoS attackshttp://gigaom.com/2014/12/29/sony-playstation-offline-again-after-ddos-attacks/
http://gigaom.com/2014/12/29/sony-playstation-offline-again-after-ddos-attacks/#commentsMon, 29 Dec 2014 23:21:24 +0000http://gigaom.com/?p=903146Frustrated users were still taking to Twitter to complain and Sony’s Playstation Network support page still showed intermittent connectivity Monday night in the wake of a serious wave on attacks that took both Sony’s gaming service and Microsoft’s Xbox services offline on Christmas Day.

The denial of service attacks hit the companies where it hurt, affecting millions of customers as they were unwrapping new consoles and games, some of which needed to be connected to their respective networks to work. Microsoft’s Xbox site reports that the Xbox service is running as of Monday night, but the IGN and Maxim apps are experiencing problems, but the Sony network seems to have some deeper problems. A colleague of mine reports that he couldn’t connect his PS3.

We have reached out to Sony for comment, and will update the story if we hear back. The “Lizard Squad,” a group of hackers taking credit for the DDoS attacks, had said it was moving on to target Tor, the anonymous routing software, so it’s unclear if Sony is experiencing new attacks or continued trouble from the previous ones.

For those trying to get their Playstations back online, Sony is tweeting out a link so users can attempt to reconnect:

]]>http://gigaom.com/2014/12/29/sony-playstation-offline-again-after-ddos-attacks/feed/1Gaming service hack attack whacks thousands of Swedish bystandershttp://gigaom.com/2014/12/11/gaming-service-hack-attack-whacks-thousands-of-swedish-bystanders/
Thu, 11 Dec 2014 15:22:02 +0000http://gigaom.com/?p=899878On Thursday, Sweden’s biggest internet service provider, Telia, said that its network had suffered an attack earlier this week from hackers who were apparently trying to target a gaming company. Reports suggest the target was Electronic Arts (EA), which runs some Battlefield services out of the country.

According to Telia, the distributed denial of service (DDoS) attack occurred on Tuesday night and through much of Wednesday, forcing the ISP to toughen up its systems. While it was ongoing, the DDoS made it difficult for thousands of [company]Telia[/company]’s customers to surf the web, watch digital TV and make VoIP calls.

Telia spokesman Marcus Haglund told me Thursday that the attack first hit around 10pm on Tuesday evening, running for around 45 minutes. “Then it calmed down overnight,” he said. “It continued from 10am and was running all through the day and escalated in the night. It ended at 8pm.”

“We have an internal investigation that will run to the bottom of what has happened and what we can do to prevent it in the future,” Haglund continued. “There was a configuration that was a bit lax yesterday that we have corrected. If the same attack was aimed at us or any of our customers, we can say we are not vulnerable in the way we were yesterday.”

Haglund said thousands of customers had been affected. In such attacks, the target’s systems are flooded with data, causing them to stop working. Recent years have seen such attacks grow in severity, with the culprits amplifying them by bouncing the traffic off open servers, notably domain name system (DNS) servers.

The ISP hasn’t named the gaming company that was the target, but the Swedish newspaper Dagens Nyheterreported that it was Electronic Arts (EA), which has offices in Stockholm that develop and run the Battlefield Heroes and Battlefield Play4Free services. The paper quoted F5 Networks security expert Joakim Sundberg as saying the attack used DNS servers for amplification, and that it was perpetrated by the “Lizard Squad” hacker group.

TeliaSonera chief Johan Dennelind told ZDNet that the ISP had not “seen an attack on that type of scale before”.

This article was updated at 7.40am PT to change “a few thousand customers” to “thousands of customers” — a correction made at Telia’s request, which may indicate that there were more than a few thousand victims.

]]>CloudFlare activates free Universal SSL encryption for its customers’ websiteshttp://gigaom.com/2014/09/29/cloudflare-activates-free-universal-ssl-encryption-for-its-customers-websites/
Mon, 29 Sep 2014 15:54:04 +0000http://gigaom.com/?p=876842CloudFlare has made good on a promise it made back in August, by turning on SSL encryption for the webpages of all its customers.

The firm, which provides content delivery and anti-DDoS services, announced the rollout of “Universal SSL” in a Monday blog post. It said it would provide protected “https” connections for users of around two million websites – apparently doubling the number of SSL-protected websites out there.

However, beneficiaries still have work to do if they want to fully protect their customers, [company]CloudFlare[/company] CEO Matthew Prince said in the post:

For a site that did not have SSL before, we will default to our Flexible SSL mode, which means traffic from browsers to CloudFlare will be encrypted, but traffic from CloudFlare to a site’s origin server will not. We strongly recommend site owners install a certificate on their web servers so we can encrypt traffic to the origin. Later today we’ll be publishing a blog with instructions on how to do that at no cost. Once you’ve installed a certificate on your web server, you can enable the Full or Strict SSL modes which encrypt origin traffic and provide a higher level of security.

The move will allow CloudFlare to more broadly support the [company]Google[/company] SPDY protocol for speeding up webpage delivery, as this protocol requires an encrypted connection. Site administrators should also see their ranking improve on Google Search, which now takes encryption into account as a ranking signal.

Prince noted that his company’s free Universal SSL support will only benefit users with modern browsers – i.e. those less than 6 years old — which support the ECDSA cipher suite, as older RSA-based suites place too much load on CloudFlare’s systems. The firm’s paid plans will support legacy browsers as well.

A couple of weeks ago, the company revealed a new extension to the TLS security protocol called Keyless SSL. This feature, available to CloudFlare’s enterprise business plans, aims to help firms handling sensitive data get the benefits of content delivery services such as CloudFlare without parting company with their SSL keys.

]]>Sony PlayStation Network back up after DDoS, associated with plane bomb threathttp://gigaom.com/2014/08/25/sony-playstation-network-back-up-after-ddos-associated-with-plane-bomb-threat/
http://gigaom.com/2014/08/25/sony-playstation-network-back-up-after-ddos-associated-with-plane-bomb-threat/#commentsMon, 25 Aug 2014 10:59:19 +0000http://gigaom.com/?p=867394Sony’s PlayStation Network is back up and running after a distributed denial-of-service (DDoS) attack that overwhelmed its servers.

The company said in a blog post early Monday that, despite the attack, it had “seen no evidence of any intrusion to the network and no evidence of any unauthorized access to users’ personal information.” So this isn’t a repeat of the big PlayStation Network breaches of 2011, which saw the theft of personal details of millions of users.

[company]Sony[/company] said in its post that it would forgo scheduled network maintenance that had been scheduled for Monday, and apologized to its users for the inconvenience of the downtime.

In DDoS attacks, the attackers flood the target’s servers with data until they can no longer cope, either disrupting or outright killing the service they’re providing.

It seems there may be a link between the PlayStation Network DDoS and a Sunday bomb threat that diverted an American Airlines flight carrying Sony Online Entertainment chief John Smedley. A [company]Twitter[/company] account belonging to “Lizard Squad” made the threat, specifically referring to Smedley, and also suggested that whoever is behind the account was also directing the DDoS attack.

The motive, apparently, is Sony’s alleged lack of investment in the PlayStation Network:

https://twitter.com/LizardSquad/status/503488179651878912

]]>http://gigaom.com/2014/08/25/sony-playstation-network-back-up-after-ddos-associated-with-plane-bomb-threat/feed/2Feedly’s “extortion” attack continues with third DDoS wavehttp://gigaom.com/2014/06/13/feedlys-extortion-attack-continues-with-third-ddos-wave/
Fri, 13 Jun 2014 12:11:18 +0000http://gigaom.com/?p=849631Feedly is suffering yet another distributed denial of service (DDoS) attack, the third since the news aggregation service was first targeted on Wednesday. The company, whose service was going up and down like a yoyo at the time of writing, tweeted on Friday that it was “working on it” — presumably with CloudFlare, as the CDN and security firm’s name appears on Feedly’s error page. When the first wave hit, Feedly said the attacks were part of an extortion attempt that apparently also targeted other unspecified firms.
]]>Evernote and Feedly hit by DDoS attackshttp://gigaom.com/2014/06/11/evernote-hit-by-sync-disrupting-ddos-attack/
http://gigaom.com/2014/06/11/evernote-hit-by-sync-disrupting-ddos-attack/#commentsWed, 11 Jun 2014 07:56:43 +0000http://gigaom.com/?p=848818Evernote is still trying to fend off an attack that is disrupting its service, according to the notetaking service’s service page. Meanwhile, the news aggregator Feedly has also been hit by a distributed denial of service attack that was apparently linked to an extortion attempt.

On Wednesday morning, Evernote’s status page said the firm was was “actively working to neutralize a denial of service attack,” and users may experience problems trying to access the service. Evernote has more than 100 million users.

Criminals are attacking feedly with a distributed denial of service attack (DDoS). The attacker is trying to extort us money to make it stop. We refused to give in and are working with our network providers to mitigate the attack as best as we can.

We are working in parallel with other victims of the same group and with law enforcement.

DDoS attacks usually involve using many computers (such as those caught up in a botnet to hammer a targeted web service with so many packets of data that the service simply can’t cope. To give you an idea of the volume this can involve in extreme cases, a DDoS attack in February ran at over 400 gigabits per second.

In the case of Evernote, details are scarce, though a company spokeswoman told the BBC that the attack began around 2:25 PM PT on Tuesday. At the time of writing, that means the attack has been going on for close on 10 and a half hours. Evernote is mostly back up and running, but some users are reportedly having trouble synchronizing their data between devices.

DDoS attacks are unfortunately becoming a standard cost of doing business online. Just in the last few days, similar attacks have also targeted the French music-streaming service Deezer and an unnamed gambling site.

]]>http://gigaom.com/2014/06/11/evernote-hit-by-sync-disrupting-ddos-attack/feed/1Elance and oDesk hit by major DDoS attacks, downing services for many freelancershttp://gigaom.com/2014/03/18/elance-hit-by-major-ddos-attack-downing-service-for-many-freelancers/
http://gigaom.com/2014/03/18/elance-hit-by-major-ddos-attack-downing-service-for-many-freelancers/#commentsTue, 18 Mar 2014 15:45:56 +0000http://gigaom.com/?p=825832The freelancer platform Elance has been under a sustained distributed denial-of-service (DDoS) attack for more than a day, making the service unavailable for many users — but apparently not compromising their data. Rival oDesk, with which Elance will soon merge, was also hit by a separate attack.

The Elance episode seems to have been a so-called NTP reflection attack, judging from an Elance tweet referencing a piece I recently wrote about the technique. Such attacks use botnets and badly configured NTP servers — essentially time checks for computers’ clocks — to amplify a small amount of data into a large one that overpowers the targets’ systems.

We're battling a DDoS attack & working to restore our site fully. It looks similar to recent attacks seen elsewhere: http://t.co/RIvBUOksNb

Mountain View, Calif.-based Elance has over 4 million users (it will roughly double that through its upcoming merger with chief rival oDesk). It’s not clear how many have been affected by the outage, as a company spokeswoman told me only that “some users have not been impacted.”

An oDesk spokeswoman told me that oDesk “experienced a separate short DDoS attack on odesk.com for a few hours last night. The site is up and has been since about 5am PT.”

Elance’s spokeswoman said by email that their attack began at 6am PT on Monday and remains ongoing, albeit sporadically. She didn’t respond to a question about the possible motivation, but she did say Elance had defenses in place to ward off DDoS attacks on its service, and has “since invested in new technology to try to thwart the attackers.”

She added:

“We have a unique community of both businesses and freelancers and we’ve reached out to inform them about the attack and let them know that none of their data was compromised but to expect delays. Both sides of our community have been very responsive and sympathetic.”

This article was updated to include new information on the oDesk attack.